Last Update: 2016-02-16

For easy testing and experimenting, below you can find a compiled version of Docker Experimental v1.10.0 with native checkpoint and restore functionality (compiled from the cr-defunct branch of @boucher/docker).

Also, a compiled version of CRIU v1.8.1 (compiled from the no-netns branch of @boucher/criu) with support for a new proposed flag to "skip" network namespaces when checkpointing and restoring. And finally, libprotobuf, a dependency.

A few notes about this release:

  • Networking support is working!
  • seccomp is now on by default in Docker, but only supported in CRIU with kernel 4.13 or newer, so you'll likely want to start your containers with the flag --security-opt seccomp:unconfined

Example use:

docker run -d --security-opt seccomp:unconfined busybox /bin/sh -c 'i=0; while true; do echo $i; i=$(expr $i + 1); sleep 1; done'

If you examine the logs at this point, you should see prints of an increasing integer counter.

docker checkpoint <id>

docker restore <id>

Checking the logs again should show that the counter is still increasing. (Waiting a bit between checkpoint and restore can increase your confidence that the process actually stopped for a while)

NOTE: you may need additional dependencies:

$ ldd `which criu` =>  (0x00007fffc3094000) => /lib/x86_64-linux-gnu/ (0x00007f8f0d358000) => /usr/lib/x86_64-linux-gnu/ (0x00007f8f0d148000) => /lib/x86_64-linux-gnu/ (0x00007f8f0cf43000) => /lib/x86_64-linux-gnu/ (0x00007f8f0cd29000) => /lib/x86_64-linux-gnu/ (0x00007f8f0c964000)
    /lib64/ (0x00007f8f0d57e000) => /lib/x86_64-linux-gnu/ (0x00007f8f0c65d000)
